Performance Analysis of ACO-Based IP Traceback

Executive Summary

The Internet has experienced a tremendous expansion in its size and complexity since its commercialization. Internet hosts are threatened by large-scale Distributed Denial-of-Service (DDoS) attacks in the network. DDoS attacks typically rely on compromising a large number of hosts to generate traffic to a single destination node. Thus the severity of DDoS attacks will likely increase to the possible extend, as greater numbers of poorly secured hosts are connected to high-bandwidth Internet connections. To detect and coordinate DDoS attacks in the network usually an Intrusion Detection System (IDS) is used but, this method consumes most of the resources and thereby degrades the network performance.